What is all included in the VMware vShield Family of products

Today at VMworld 2010 VMware announces the new family of vShield products. The new products to this family are vShield Endpoint, vShield App and vShield Edge. Each product has been designed for a few core functions that are helping to facilitate and secure the IT as a Service model that VMware is promoting with its new vCloud Director solution. These security related products are going to secure, make management easier and help move down the patch to a cloud infrastructure.

I will try and provide some more details about each product below gathering any details that are available as of today. In the image below are some of the concerns that VMware is address based on what Enterprises have been telling them.

vShield Endpoint – vShield Endpoint provides on-host antivirus and malware protection that reduces performance latency and eliminates the need to maintain individual security agents in each and every virtual machine, helping to simplify security administration while minimizing the risk of malware infections. Datasheet

vShield App -VMware vShield App protects applications in the virtual datacenter from network-based threats. vShield App gives organizations the ability to create and manage business-relevant policies that adapt to dynamic cloud environments. It also provides deep visibility into network communications between virtual machines and granular enforcement through security groups. Datasheet

vShield Edge – vShield Edge is a network gateway solution that protects the edges of the virtual datacenter with DCHP, network address translation (NAT), firewalling, load balancing, site-to-site VPN, port group isolation and other capabilities that help organizations maintain proper segmentation between different organizational units. Datasheet

vShield Manager – Included with all vShield products, vShield Manager provides a central point of control for managing, deploying, reporting, logging and integrating third-party security services. Working in conjunction with vCenter Server, vShield Manager also enables role-based access control and administrative delegation as part of a unified framework for managing virtualization security.

vShield Zones – VMware vShield Zones, included with vSphere, provides basic protection from network-based threats in virtual datacenters, with application firewalling and policy management based on administrator-defined zones, using basic traffic information such as the source IP address, the destination port, and so on.

Here is a quote from a VMware product release.

Enterprise Partner Extranets – vShield lets enterprises extend their networks and application resources to branch offices, home offices and business partner sites through site-to-site VPN services that offer simplified provisioning, streamline administrative tasks and improve scalability. All traffic between sites is encrypted using IPsec to maintain the confidentiality and integrity of all site-to-site communications.

vShield Product Family Brochure

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

VMworld 2010 self pace Labs are a thing of Beauty

The VMware self paced labs for VMworld 2010 are taking things to a new level. This setup and the amount of computing power on display here is second to nothing. Something different from the 2009 VMworld labs is that any Lab Topic cab be presented at any set of terminals. In last years labs there was different sections for each topic which led to lines and delays for popular topics. There is in the neighborhood of 480 seats for the VMworld labs. When checking in and selecting your topic it will be assigned to your badge. You can see from the image below that the setup is very impressive.

Each VMworld lab topic is based on a Pod. The lab pod’s are heavily customized installs that are based on vSphere, Lab manager wither their own Active Directory and vCenter server. To break it down they are creating nested or virtualized copies of vSphere ESX and ESXi server within VMware Lab Manager and associated products. This allows them to deploy them in just a few minutes and also have around 30 different topics stored in Lab Manager configurations waiting to be deployed for the next lab. It was discussed today that each hour they expect about 5000 virtual machines will be created and destroyed.

Your probably wondering what it takes to run all of this virtualize goodness and where is it at. Well the VMworld labs are being sources from 2 off site Data centers and 1 on site facility. The entire VMworld lab setup is going to be monitored and supported by over 100 VMware employees from the Services and Engineering groups. They will be there to make sure things are going smoothly and answer any questions that attendees might have.

Some estimated stats that VMware is throwing out what will be served up during the 4 day even.

  • Over 100,000 virtual machine will be provisioned this week.
  • Total memory for the vSphere hosts supporting the VMworld labs is 36TB
  • Each data center has 4 racks of servers and 2 racks of storage
  • 20,000 Lab set hours for the week
  • HP, Dell, EMC, Xsigo, Netapp and Cisco are providing the hardware
  • Each lab seat has a Wyse thin client

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

Vkernel briefing on new Vkernel Capacity Management Suite

I was invited to a one on one product briefing last week with the Marketing Team at Vkernel. They were giving some pre VMworld briefings on their new product suite called Vkernel Capacity Management Suite. They will formally announce it on Wednesday August 25th but asked me to wait until today before releasing any details.

By creating the Vkernel CMS package they will be releasing 3 updated existing products along with one new product in a single virtual appliance. This allows for a easier and faster deployment and greater integration between the products. That was not previously available. You would still license the 3 products separately at $299 each per socket. Which if you have a large environment could be costly. I was impressed by several of the new features and the flexibility the new reporting is able to provide.

Below you can see some of the new reporting and data mining features from Vkernel. These are important in Capacity Management. I liked the ability to report on changes made within a selected time frame and then the HA reporting function. Getting notified of a cluster that will have an HA issue if a host should fail would be nice, this could be caused by someone dropping in a monster virtual machine that messes up your vSphere slot sizes.

This slide covers the automation of right sizing VM’s or reclaiming over provisioned virtual machines. This would probably scare the crap out of any Virtual admin that I have ever worked with. But if you have a lab or development environment it could be very handy to have this run nightly or weekly and pull back resources that users have gotten too greedy with.

Below you can see a slide that shows some details about the Inventory app included in the CMS package from Vkernel. It seems to offer some flexibility for pulling details out of your Virtual Infrastructure. For example you could quickly pull a list of powered off virtual machines.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

Failed Boot Recovery option a new feature in ESXi 4.1

I recently stumbled upon a new feature in VMware vSphere 4.1 that was tucked away in the Virtual Machine options. You can see from the picture below the setting is called Failed Boot Recovery. The failed boot recovery option is listed under Boot Options within the settings of a Virtual Machine. There is not much info available on this feature at this time, I plan to ask a VMware SE about it next time I see one. From what I understand at this point is if a machine fails to find its boot device instead of letting the VM sit there with the error. You can elect a retry boot time in seconds on this screen and it will try to reboot the device and try again. My guess is this is designed towards a VM that crashed on boot up which might be due to a missing VMDK file.

The only details I could find so far are on a scripting related page on VMware site here.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More

Configure VMware ESXi 4.1 for Active Directory Integration

By now you’re sure to have heard that vSphere 4.1 offers the ability to use Active Directory for authentication. This is something that has been on peoples wish lists for sometime now. There was some hacks to make this work on the previous versions, but they were a use at your own risk option. With AD integration you can use your normal domain user accounts that poses admin rights already to authenticate with your ESX servers. This will help keep things in sync and keep you from having to manually create local accounts on your ESX hosts. If you were just using Virtual Center or vCenter server the new name it has always been able to use Active Directory for authentication.

There are a couple of different ways that you can enable AD integration ( vSphere client, vCLI, scripting or Host Profiles). In this post I will cover the method through vSphere client.

About Brian Suhr

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Read More
Page 1 of 212
%d bloggers like this: